
Example 1 with ResponseType

use of org.keycloak.dom.saml.v2.protocol.ResponseType in project keycloak by keycloak.

the class SAMLLogoutAdapterTest method employeeGlobalLogoutTest.

/**
 * Verifies that the logout request issued by the employee servlet carries the
 * NameID attributes that were present in the login response.
 *
 * <p>The test client logs in, then rewrites the SAML response before it is
 * delivered: it records the original NameID via {@code extractNameId} and sets
 * the NameQualifier, SPNameQualifier and SPProvidedID on the subject NameID.
 * It then requests the servlet with {@code GLO=true} and inspects the SAML
 * message returned over the POST binding.
 *
 * <p>NOTE(review): the response is modified in flight by the test client;
 * whether this deployment validates response/assertion signatures is not
 * visible here. Confirm against the adapter configuration.
 */
@Test
public void employeeGlobalLogoutTest() {
    SAMLDocumentHolder logoutHolder = new SamlClientBuilder()
            .navigateTo(employeeServletPage)
            .processSamlResponse(Binding.POST).build()
            .login().user(bburkeUser).build()
            .processSamlResponse(Binding.POST)
            .targetAttributeSamlResponse()
            // First transformation: remember the NameID and session index as issued.
            .transformObject(this::extractNameId)
            // Second transformation: decorate the subject NameID with the qualifiers
            // the logout request is later expected to echo.
            .transformObject((SAML2Object samlObject) -> {
                assertThat(samlObject, isSamlResponse(JBossSAMLURIConstants.STATUS_SUCCESS));
                ResponseType loginResponse = (ResponseType) samlObject;
                NameIDType subjectNameId = (NameIDType) loginResponse.getAssertions().get(0)
                        .getAssertion()
                        .getSubject()
                        .getSubType()
                        .getBaseID();
                subjectNameId.setNameQualifier(NAME_QUALIFIER);
                subjectNameId.setSPNameQualifier(SP_NAME_QUALIFIER);
                subjectNameId.setSPProvidedID(SP_PROVIDED_ID);
            })
            .build()
            .navigateTo(employeeServletPage.getUriBuilder().clone().queryParam("GLO", "true").build())
            .getSamlResponse(Binding.POST);

    // The message coming back must be a LogoutRequest, not another Response.
    assertThat(logoutHolder.getSamlObject(), instanceOf(LogoutRequestType.class));
    LogoutRequestType logoutRequest = (LogoutRequestType) logoutHolder.getSamlObject();
    NameIDType requestedNameId = logoutRequest.getNameID();

    // Format and value come from the NameID captured before the rewrite ...
    assertThat(requestedNameId.getFormat(), is(nameIdRef.get().getFormat()));
    assertThat(requestedNameId.getValue(), is(nameIdRef.get().getValue()));
    // ... while the qualifiers are the ones set on the response in flight.
    assertThat(requestedNameId.getNameQualifier(), is(NAME_QUALIFIER));
    assertThat(requestedNameId.getSPProvidedID(), is(SP_PROVIDED_ID));
    assertThat(requestedNameId.getSPNameQualifier(), is(SP_NAME_QUALIFIER));
}
Also used : SAMLDocumentHolder(org.keycloak.saml.processing.core.saml.v2.common.SAMLDocumentHolder) SAML2Object(org.keycloak.dom.saml.v2.SAML2Object) SamlClientBuilder(org.keycloak.testsuite.util.SamlClientBuilder) LogoutRequestType(org.keycloak.dom.saml.v2.protocol.LogoutRequestType) NameIDType(org.keycloak.dom.saml.v2.assertion.NameIDType) ResponseType(org.keycloak.dom.saml.v2.protocol.ResponseType) Test(org.junit.Test) AbstractServletsAdapterTest(org.keycloak.testsuite.adapter.AbstractServletsAdapterTest)

Example 2 with ResponseType

use of org.keycloak.dom.saml.v2.protocol.ResponseType in project keycloak by keycloak.

the class SAMLLogoutAdapterTest method extractNameId.

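/**
 * Records the subject NameID and the session index of a successful SAML
 * response so later assertions can compare against them.
 *
 * <p>The NameID is stored in {@code nameIdRef} and the session index of the
 * first statement of the first assertion in {@code sessionIndexRef}. The
 * object itself is not modified.
 *
 * @param so the SAML object to inspect; asserted to be a response with status
 *           {@code STATUS_SUCCESS}
 * @return the same object that was passed in
 */
private SAML2Object extractNameId(SAML2Object so) {
    assertThat(so, isSamlResponse(JBossSAMLURIConstants.STATUS_SUCCESS));
    ResponseType loginResponse = (ResponseType) so;

    final AssertionType firstAssertion = loginResponse.getAssertions().get(0).getAssertion();
    assertThat(firstAssertion, org.hamcrest.Matchers.notNullValue());

    assertThat(firstAssertion.getSubject().getSubType().getBaseID(), instanceOf(NameIDType.class));
    NameIDType nameId = (NameIDType) firstAssertion.getSubject().getSubType().getBaseID();

    // Check the statement type before casting, as is done for the NameID above,
    // so an unexpected statement order fails with a readable assertion message
    // instead of a ClassCastException.
    Object firstStatement = firstAssertion.getStatements().iterator().next();
    assertThat(firstStatement, instanceOf(AuthnStatementType.class));
    AuthnStatementType authnStatement = (AuthnStatementType) firstStatement;

    nameIdRef.set(nameId);
    sessionIndexRef.set(authnStatement.getSessionIndex());
    return so;
}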
Also used : AuthnStatementType(org.keycloak.dom.saml.v2.assertion.AuthnStatementType) AssertionType(org.keycloak.dom.saml.v2.assertion.AssertionType) NameIDType(org.keycloak.dom.saml.v2.assertion.NameIDType) ResponseType(org.keycloak.dom.saml.v2.protocol.ResponseType)

Example 3 with ResponseType

use of org.keycloak.dom.saml.v2.protocol.ResponseType in project keycloak by keycloak.

the class SAMLServletSessionTimeoutTest method addSessionNotOnOrAfter.

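/**
 * Sets {@code SessionNotOnOrAfter} on the authentication statement of the
 * first assertion of a successful SAML response.
 *
 * <p>The bound is the current issue instant plus
 * {@code SESSION_LENGTH_IN_SECONDS}; its string form is also stored in
 * {@code sessionNotOnOrAfter}. If the assertion has no
 * {@link AuthnStatementType}, a new one is created and added.
 *
 * @param ob the SAML object to modify; asserted to be a response with status
 *           {@code STATUS_SUCCESS}
 * @return the same object that was passed in, now carrying the session bound
 */
private SAML2Object addSessionNotOnOrAfter(SAML2Object ob) {
    assertThat(ob, Matchers.isSamlResponse(JBossSAMLURIConstants.STATUS_SUCCESS));
    ResponseType resp = (ResponseType) ob;
    Set<StatementAbstractType> statements = resp.getAssertions().get(0).getAssertion().getStatements();

    // orElseGet defers building the fallback statement until it is actually needed;
    // the typed map() replaces the unchecked cast of the whole Optional result.
    AuthnStatementType authnStatement = statements.stream()
            .filter(AuthnStatementType.class::isInstance)
            .map(AuthnStatementType.class::cast)
            .findFirst()
            .orElseGet(() -> new AuthnStatementType(XMLTimeUtil.getIssueInstant()));

    XMLGregorianCalendar sessionTimeout = XMLTimeUtil.add(XMLTimeUtil.getIssueInstant(), SESSION_LENGTH_IN_SECONDS * 1000);
    sessionNotOnOrAfter.set(sessionTimeout.toString());
    authnStatement.setSessionNotOnOrAfter(sessionTimeout);

    // The statement is added in both cases, as in the original code, whether it
    // was found in the assertion or newly created.
    resp.getAssertions().get(0).getAssertion().addStatement(authnStatement);
    return ob;
}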
Also used : AuthnStatementType(org.keycloak.dom.saml.v2.assertion.AuthnStatementType) XMLTimeUtil(org.keycloak.saml.processing.core.saml.v2.util.XMLTimeUtil) ResponseType(org.keycloak.dom.saml.v2.protocol.ResponseType) Matchers.bodyHC(org.keycloak.testsuite.util.Matchers.bodyHC) AdapterActionsFilter(org.keycloak.testsuite.adapter.filter.AdapterActionsFilter) Page(org.jboss.arquillian.graphene.page.Page) AtomicReference(java.util.concurrent.atomic.AtomicReference) EntityUtils(org.apache.http.util.EntityUtils) Assert.assertThat(org.junit.Assert.assertThat) SAML2Object(org.keycloak.dom.saml.v2.SAML2Object) AuthnStatementType(org.keycloak.dom.saml.v2.assertion.AuthnStatementType) SamlClient(org.keycloak.testsuite.util.SamlClient) ContainerConstants(org.keycloak.testsuite.utils.arquillian.ContainerConstants) WebArchive(org.jboss.shrinkwrap.api.spec.WebArchive) Matchers.notNullValue(org.hamcrest.Matchers.notNullValue) Matchers(org.keycloak.testsuite.util.Matchers) Matchers.allOf(org.hamcrest.Matchers.allOf) JBossSAMLURIConstants(org.keycloak.saml.common.constants.JBossSAMLURIConstants) REALM_NAME(org.keycloak.testsuite.saml.AbstractSamlTest.REALM_NAME) Set(java.util.Set) Test(org.junit.Test) Employee2Servlet(org.keycloak.testsuite.adapter.page.Employee2Servlet) RealmAttributeUpdater(org.keycloak.testsuite.updaters.RealmAttributeUpdater) XMLGregorianCalendar(javax.xml.datatype.XMLGregorianCalendar) Deployment(org.jboss.arquillian.container.test.api.Deployment) StatementAbstractType(org.keycloak.dom.saml.v2.assertion.StatementAbstractType) AppServerContainer(org.keycloak.testsuite.arquillian.annotation.AppServerContainer) SessionTimeoutHelper(org.keycloak.models.utils.SessionTimeoutHelper) Matchers.is(org.hamcrest.Matchers.is) PublicKeyLocator(org.keycloak.adapters.rotation.PublicKeyLocator) Matchers.containsString(org.hamcrest.Matchers.containsString) SamlClientBuilder(org.keycloak.testsuite.util.SamlClientBuilder) 
XMLGregorianCalendar(javax.xml.datatype.XMLGregorianCalendar) StatementAbstractType(org.keycloak.dom.saml.v2.assertion.StatementAbstractType) ResponseType(org.keycloak.dom.saml.v2.protocol.ResponseType)

Example 4 with ResponseType

use of org.keycloak.dom.saml.v2.protocol.ResponseType in project keycloak by keycloak.

the class SAMLParserTest method testSaml20AuthnResponseNonAsciiNameDefaultLatin2.

/**
 * Parses the authentication-response fixture
 * {@code KEYCLOAK-3971-8859-2-in-header-authnresponse.xml} and checks that the
 * bearer subject confirmation and the non-ASCII NameID value are read as
 * expected.
 *
 * <p>NOTE(review): judging by the fixture name, the document declares
 * ISO-8859-2 in its XML header; the file content is not visible here.
 */
@Test
public void testSaml20AuthnResponseNonAsciiNameDefaultLatin2() throws Exception {
    ResponseType parsedResponse = assertParsed("KEYCLOAK-3971-8859-2-in-header-authnresponse.xml", ResponseType.class);
    assertThat(parsedResponse.getAssertions().size(), is(1));

    final AssertionType onlyAssertion = parsedResponse.getAssertions().get(0).getAssertion();
    final SubjectType assertionSubject = onlyAssertion.getSubject();

    // Exactly one subject confirmation, using the bearer method.
    assertThat(assertionSubject.getConfirmation(), hasSize(1));
    SubjectConfirmationType bearerConfirmation = assertionSubject.getConfirmation().get(0);
    assertThat(bearerConfirmation.getMethod(), is(JBossSAMLURIConstants.SUBJECT_CONFIRMATION_BEARER.get()));

    // The confirmation data ties the assertion to a request id and a recipient URL.
    assertThat(bearerConfirmation.getSubjectConfirmationData(), notNullValue());
    assertThat(bearerConfirmation.getSubjectConfirmationData().getInResponseTo(), is("ID_cc0ff6f7-b481-4c98-9a79-481d50958290"));
    assertThat(bearerConfirmation.getSubjectConfirmationData().getRecipient(), is("http://localhost:8080/sales-post-sig/saml"));

    // The NameID value must come through the parser without character corruption.
    assertThat(assertionSubject.getSubType().getBaseID(), instanceOf(NameIDType.class));
    NameIDType subjectNameId = (NameIDType) assertionSubject.getSubType().getBaseID();
    assertThat(subjectNameId.getValue(), is("ročéíöüßäöü"));
}
Also used : SubjectType(org.keycloak.dom.saml.v2.assertion.SubjectType) SubjectConfirmationType(org.keycloak.dom.saml.v2.assertion.SubjectConfirmationType) EncryptedAssertionType(org.keycloak.dom.saml.v2.assertion.EncryptedAssertionType) AssertionType(org.keycloak.dom.saml.v2.assertion.AssertionType) NameIDType(org.keycloak.dom.saml.v2.assertion.NameIDType) ResponseType(org.keycloak.dom.saml.v2.protocol.ResponseType) StatusResponseType(org.keycloak.dom.saml.v2.protocol.StatusResponseType) Test(org.junit.Test)

Example 5 with ResponseType

use of org.keycloak.dom.saml.v2.protocol.ResponseType in project keycloak by keycloak.

the class SAMLParserTest method testSaml20AuthnResponseNonAsciiNameDefaultUtf8.

/**
 * Parses the authentication-response fixture
 * {@code KEYCLOAK-3971-utf-8-no-header-authnresponse.xml} and checks the
 * non-ASCII NameID value and the key material carried in the subject
 * confirmation data.
 *
 * <p>NOTE(review): judging by the fixture name, the document is UTF-8 without
 * an XML header; the file content is not visible here.
 */
@Test
public void testSaml20AuthnResponseNonAsciiNameDefaultUtf8() throws Exception {
    ResponseType parsedResponse = assertParsed("KEYCLOAK-3971-utf-8-no-header-authnresponse.xml", ResponseType.class);
    assertThat(parsedResponse.getAssertions().size(), is(1));

    final AssertionType onlyAssertion = parsedResponse.getAssertions().get(0).getAssertion();

    // The NameID value must come through the parser without character corruption.
    assertThat(onlyAssertion.getSubject().getSubType().getBaseID(), instanceOf(NameIDType.class));
    NameIDType subjectNameId = (NameIDType) onlyAssertion.getSubject().getSubType().getBaseID();
    assertThat(subjectNameId.getValue(), is("roàåאבčéèíñòøöùüßåäöü汉字"));

    // One subject confirmation whose data holds a KeyInfo element.
    assertThat(onlyAssertion.getSubject().getConfirmation(), hasSize(1));
    assertThat(onlyAssertion.getSubject().getConfirmation().get(0).getSubjectConfirmationData(), notNullValue());
    assertThat(onlyAssertion.getSubject().getConfirmation().get(0).getSubjectConfirmationData().getAnyType(), instanceOf(KeyInfoType.class));
    KeyInfoType keyInfo = (KeyInfoType) onlyAssertion.getSubject().getConfirmation().get(0).getSubjectConfirmationData().getAnyType();

    // The KeyInfo content includes X509Data, whose single data object is a certificate.
    assertThat(keyInfo.getContent(), hasItem(instanceOf(X509DataType.class)));
    X509DataType x509Data = (X509DataType) keyInfo.getContent().get(0);
    assertThat(x509Data.getDataObjects(), hasSize(1));
    assertThat(x509Data.getDataObjects().get(0), instanceOf(X509CertificateType.class));
}
Also used : X509CertificateType(org.keycloak.dom.xmlsec.w3.xmldsig.X509CertificateType) X509DataType(org.keycloak.dom.xmlsec.w3.xmldsig.X509DataType) EncryptedAssertionType(org.keycloak.dom.saml.v2.assertion.EncryptedAssertionType) AssertionType(org.keycloak.dom.saml.v2.assertion.AssertionType) NameIDType(org.keycloak.dom.saml.v2.assertion.NameIDType) ResponseType(org.keycloak.dom.saml.v2.protocol.ResponseType) StatusResponseType(org.keycloak.dom.saml.v2.protocol.StatusResponseType) KeyInfoType(org.keycloak.dom.xmlsec.w3.xmldsig.KeyInfoType) Test(org.junit.Test)
